Saturday, February 19, 2011

SMTP mail setting in web.config file?

Example to define email setting in web.config file:

<system.net>
        <mailSettings>
            <smtp deliveryMethod="Network" from="testuser@example.com">
                <network defaultCredentials="true" host="localhost" port="25" userName="testUser" password="testPassword"/>
            </smtp>
        </mailSettings>
    </system.net>


SMTP mail setting using code:

using System.Configuration;
using System.Web.Configuration;
using System.Net.Configuration

Configuration config = WebConfigurationManager.OpenWebConfiguration(HttpContext.Current.Request.ApplicationPath);
        MailSettingsSectionGroup settings = (MailSettingsSectionGroup)config.GetSectionGroup("system.net/mailSettings");
        Response.Write("host: " + settings.Smtp.Network.Host + "<br />");
        Response.Write("port: " + settings.Smtp.Network.Port + "<br />");
        Response.Write("Username: " + settings.Smtp.Network.UserName + "<br />");
        Response.Write("Password: " + settings.Smtp.Network.Password + "<br />");
        Response.Write("from: " + settings.Smtp.From + "<br />");

Enjoy.....
Posted by at No comments:

Saturday, February 5, 2011

Enable java script debugger in visual studio 2008....

Step for enable java script debugger in visual studio:

1. Set IE as default web browser
2. Unchecked disable script debugger from IE

Set IE as default web browser

Tools->Internet Option->Programs->Make default



Unchecked disable script debugger from IE

Tools->Internet Option->advanced





Now restart your visual studio 2008 set a break point in your script file you will get a desired output...
Posted by at No comments:

Wednesday, February 2, 2011

Preventing SQL injection in ASP.NET application...


You can protect your application from SQL Injection by following way

       1. Constrain input
           2. Use parameter with stored procedure 
  3. Use parameter with dynamic  SQL
     
Constrain Input: You have to validate all input to your ASP.NET application for type, range, length etc.
 i.e. RegularExpressionValidator, RangeValidator or Regex class.

Use parameter with stored procedure: 

The following code shows how to use SqlParameterCollection when calling a stored procedure.
using System.Data;
using System.Data.SqlClient;

using (SqlConnection connection = new SqlConnection(connectionString))
{
  DataSet userDataset = new DataSet();
  SqlDataAdapter myCommand = new SqlDataAdapter("LoginStoredProcedure", connection);
  myCommand.SelectCommand.CommandType = CommandType.StoredProcedure;
  myCommand.SelectCommand.Parameters.Add("@au_id", SqlDbType.VarChar, 11);
  myCommand.SelectCommand.Parameters["@au_id"].Value = SSN.Text;

  myCommand.Fill(userDataset);
}
 
Use parameter with dynamic sql:
The following code shows how to use SqlParametersCollection with dynamic SQL.
using System.Data;
using System.Data.SqlClient;
using (SqlConnection connection = new SqlConnection(connectionString))
{
  DataSet userDataset = new DataSet();
  SqlDataAdapter myDataAdapter = new SqlDataAdapter(
         "SELECT au_lname, au_fname FROM Authors WHERE au_id = @au_id", 
         connection);                
  myCommand.SelectCommand.Parameters.Add("@au_id", SqlDbType.VarChar, 11);
  myCommand.SelectCommand.Parameters["@au_id"].Value = SSN.Text;
  myDataAdapter.Fill(userDataset);
}
 
 
Posted by at No comments:
Subscribe to: Posts (Atom)